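6.1 Nova Overview
6.1.1 What Nova Is
OpenStack is a cloud computing platform jointly developed by Rackspace and NASA.
It provides cloud infrastructure services similar to Amazon EC2 and S3.
Nova provides the compute service in OpenStack.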
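6.1.2 Components
- API
  - nova-api service
    Accepts and responds to end-user compute API calls.
    Supports the OpenStack Compute API, the Amazon EC2 API, and a special administrative API for privileged users.
  - nova-api-metadata service
    Accepts metadata requests from instances.
    Typically used when running in multi-host mode with nova-network installations.
- Core
  - nova-compute service
    A daemon that creates and terminates virtual machine instances through hypervisor APIs.
    For example: XenAPI for XenServer/XCP, libvirt for KVM or QEMU, VMwareAPI for VMware.
  - nova-scheduler service
    Takes virtual machine instance requests from the queue and determines which compute host runs each instance.
    Responsible for evaluating host load when a virtual machine is created.
  - nova-conductor module
    Mediates the data exchanged between the nova-compute service and the database.
    Keeps the nova-compute service from accessing the cloud database directly.
    Do not deploy this module on nodes where nova-compute runs.
- Networking
  - nova-network worker daemon
    Similar to the nova-compute service: accepts networking tasks from the queue and manipulates the network.
    For example, setting up bridged interfaces or changing iptables rules.
  - nova-consoleauth daemon
    Provides authorization tokens for users of the console proxies.
  - nova-novncproxy daemon
    Provides a proxy for accessing running virtual machine instances through a VNC connection.
    Supports browser-based novnc clients.
  - nova-spicehtml5proxy daemon
    Provides a proxy for accessing running virtual machine instances through a SPICE connection.
    Supports browser-based HTML5 clients.
  - nova-xvpnvncproxy daemon
    Provides a proxy for accessing running virtual machine instances through a VNC connection.
    Supports an OpenStack-specific Java client.
  - nova-cert daemon
    x509 certificates.
- Other
  - nova-objectstore daemon
    An Amazon S3 interface used to register Amazon S3 images with OpenStack.
  - euca2ools client
    Command-line tools compatible with the Amazon EC2 interface.
  - nova client
    The nova command-line tool.
  - The queue
    A queue for passing messages between processes.
    Usually RabbitMQ.
  - SQL database
    Stores the cloud infrastructure's base settings and its build-time and run-time state.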
6.2 Deploying the Nova Controller
Deploy on the controller node.
6.2.1 Create the Nova Controller databases
mysql -uroot -p
CREATE DATABASE nova_api;
CREATE DATABASE nova;
CREATE DATABASE nova_cell0;
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'nova';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'nova';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'nova';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'nova';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY 'nova';
GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY 'nova';
FLUSH PRIVILEGES;
6.2.2 Create the Nova Controller user
Load the admin credentials to gain permission to run admin-only commands
source admin-openrc
Create the nova user
openstack user create --domain default --password-prompt nova
User Password:nova
Repeat User Password:nova
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | c373a827b3f243f7a7e00ff172170cb1 |
| name | nova |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
Assign the admin role to the nova user and add it to the service project
openstack role add --project service --user nova admin
Create the nova service
openstack service create --name nova --description "OpenStack Compute" compute
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Compute |
| enabled | True |
| id | 4319f9d4c8b34fc09a066de1171d0c1e |
| name | nova |
| type | compute |
+-------------+----------------------------------+
Create the nova API endpoints
openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 73777313e28a48758b50d4e279c0bb83 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 4319f9d4c8b34fc09a066de1171d0c1e |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+--------------+----------------------------------+
openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 9b5e6398e7ff4d92aa81e48e5201a574 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 4319f9d4c8b34fc09a066de1171d0c1e |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+--------------+----------------------------------+
openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | b1c1874e043b491ca87f98bbd103e2b2 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 4319f9d4c8b34fc09a066de1171d0c1e |
| service_name | nova |
| service_type | compute |
| url | http://controller:8774/v2.1 |
+--------------+----------------------------------+
6.2.3 Install and configure the Nova Controller
yum install -y openstack-nova-api openstack-nova-conductor \
openstack-nova-novncproxy openstack-nova-scheduler
# Configure nova
vim /etc/nova/nova.conf
Configure the compute and metadata APIs
[DEFAULT]
enabled_apis=osapi_compute,metadata
Configure the database connections
[api_database]
connection = mysql+pymysql://nova:nova@controller.alec.com/nova_api
[database]
connection = mysql+pymysql://nova:nova@controller.alec.com/nova
Configure RabbitMQ (if RabbitMQ and the Nova Controller are not on the same node, the RabbitMQ guest user cannot be used)
[DEFAULT]
transport_url = rabbit://alec:alec@controller:5672/
Configure Identity service access
[api]
auth_strategy = keystone
[keystone_authtoken]
www_authenticate_uri = http://controller:5000/
auth_url = http://controller:5000/
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = nova
Configure the management IP
[DEFAULT]
my_ip=192.168.136.11
Configure Neutron (configure this after Neutron is installed; it is covered later, so leave it unchanged for now)
[neutron]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron
Configure the VNC proxy
[vnc]
enabled = true
server_listen = $my_ip
server_proxyclient_address = $my_ip
Configure the Glance API
[glance]
api_servers = http://controller:9292
Configure the lock path
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
Configure Placement (skipped here, recorded for reference only)
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = placement
6.2.4 Initialize the databases
# Populate the nova_api database
su -s /bin/sh -c "nova-manage api_db sync" nova
# Register the cell0 database
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
# Create the cell1 cell
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
fb8e991a-8c1b-4b73-9802-3fb125cf6335
# Populate the nova database
su -s /bin/sh -c "nova-manage db sync" nova
# Verify that cell0 and cell1 are registered correctly
su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova
+-------+--------------------------------------+-------------------------------------+----------------------------------------------------------+
| 名称 | UUID | Transport URL | 数据库连接 |
+-------+--------------------------------------+-------------------------------------+----------------------------------------------------------+
| cell0 | 00000000-0000-0000-0000-000000000000 | none:/ | mysql+pymysql://nova:****@controller.alec.com/nova_cell0 |
| cell1 | fb8e991a-8c1b-4b73-9802-3fb125cf6335 | rabbit://alec:****@controller:5672/ | mysql+pymysql://nova:****@controller.alec.com/nova |
+-------+--------------------------------------+-------------------------------------+----------------------------------------------------------+
6.2.5 Start the services
systemctl start openstack-nova-api
systemctl start openstack-nova-scheduler
systemctl start openstack-nova-conductor
systemctl start openstack-nova-novncproxy
systemctl enable openstack-nova-api
systemctl enable openstack-nova-scheduler
systemctl enable openstack-nova-conductor
systemctl enable openstack-nova-novncproxy
6.3 Deploying Nova Compute
Deploy on the compute node.
6.3.1 Install and configure Nova Compute
yum install -y openstack-nova-compute
# To resolve the qemu-kvm-rhev dependency, append the virt repository to /etc/yum.repos.d/Centos-7.repo1
# This installs qemu-kvm-ev
[virt]
name=centosvirt
baseurl=https://mirrors.aliyun.com/centos/$releasever/virt/$basearch/kvm-common/
gpgcheck=0
enabled=1
Configure the compute and metadata APIs
[DEFAULT]
enabled_apis=osapi_compute,metadata
Configure RabbitMQ (if RabbitMQ and the Nova Controller are not on the same node, the RabbitMQ guest user cannot be used)
[DEFAULT]
transport_url = rabbit://alec:alec@controller:5672/
Configure Identity service access
[api]
auth_strategy = keystone
[keystone_authtoken]
www_authenticate_uri = http://controller:5000/
auth_url = http://controller:5000/
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = nova
Configure the management IP (set it to the compute node's management network IP)
[DEFAULT]
my_ip=192.168.136.13
Configure Neutron (configure this after Neutron is installed; it is covered later)
[neutron]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron
Configure the VNC proxy
[vnc]
enabled = true
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html
Configure the Glance service
[glance]
api_servers = http://controller:9292
Configure the lock path
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
Configure Placement
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = placement
Configure the virtualization type
# Determine whether the compute node supports hardware acceleration
egrep -c '(vmx|svm)' /proc/cpuinfo
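# If the command returns 1 or greater, this configuration can be skipped;
# If it returns 0, hardware acceleration is not supported and libvirt must be configured to use qemu instead of kvm;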
[libvirt]
virt_type = qemu
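The nova.conf fragments in 6.2.3 and 6.3.1 reuse the account name as the password, point at plain http:// endpoints, and bind VNC to 0.0.0.0 on the compute node. The following Python script is an added example, not part of the original guide; it audits a nova.conf for those three patterns, and the function name audit_nova_conf and the SAMPLE text are constructed here for illustration.

```python
import configparser
from urllib.parse import urlsplit

# Constructed sample: compute-node fragments from this page merged into one file.
SAMPLE = """\
[DEFAULT]
transport_url = rabbit://alec:alec@controller:5672/
my_ip = 192.168.136.13
[database]
connection = mysql+pymysql://nova:nova@controller.alec.com/nova
[keystone_authtoken]
auth_url = http://controller:5000/
username = nova
password = nova
[vnc]
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html
"""

def audit_nova_conf(text):
    """Return a sorted list of (section, option, issue) for a nova.conf string."""
    # RawConfigParser does no %-interpolation, so "$my_ip" and "%" pass through.
    # strict=False merges repeated sections; the unused default_section name
    # makes [DEFAULT] an ordinary section instead of leaking into all others.
    cp = configparser.RawConfigParser(strict=False, default_section="__unused__")
    cp.read_string(text)
    findings = set()
    for sec in cp.sections():
        opts = dict(cp.items(sec))
        if opts.get("password") and opts.get("password") == opts.get("username"):
            findings.add((sec, "password", "password equals username"))
        for opt, val in opts.items():
            if "://" in val:
                url = urlsplit(val)
                if url.scheme == "http":
                    findings.add((sec, opt, "plaintext http endpoint"))
                if url.password and url.password == url.username:
                    findings.add((sec, opt, "password equals username"))
            if opt == "server_listen" and val == "0.0.0.0":
                findings.add((sec, opt, "listens on all interfaces"))
    return sorted(findings)

if __name__ == "__main__":
    for sec, opt, issue in audit_nova_conf(SAMPLE):
        print(f"[{sec}] {opt}: {issue}")
```

Run it against the real file with audit_nova_conf(open("/etc/nova/nova.conf").read()) on each node; an empty list means none of the three patterns is present.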
6.3.2 Start the services
systemctl start libvirtd openstack-nova-compute
systemctl enable libvirtd openstack-nova-compute
6.4 Add the compute node to the cell database (run on the controller node)
Load the admin credentials
source admin-openrc
Confirm the compute hosts in the database
openstack compute service list --service nova-compute
Discover the compute hosts
su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
Found 2 cell mappings.
Skipping cell0 since it does not contain hosts.
Getting computes from cell 'cell1': fb8e991a-8c1b-4b73-9802-3fb125cf6335
Found 0 unmapped computes in cell: fb8e991a-8c1b-4b73-9802-3fb125cf6335
View the node registration information
openstack compute service list
+----+----------------+------------+----------+---------+-------+----------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
+----+----------------+------------+----------+---------+-------+----------------------------+
| 4 | nova-scheduler | controller | internal | enabled | up | 2020-07-18T18:08:30.000000 |
| 5 | nova-conductor | controller | internal | enabled | up | 2020-07-18T18:08:33.000000 |
| 6 | nova-compute | compute | nova | enabled | up | 2020-07-18T18:08:25.000000 |
+----+----------------+------------+----------+---------+-------+----------------------------+
6.5 Verify the services
Load the admin credentials
source admin-openrc
View the node information
openstack compute service list
+----+----------------+------------+----------+---------+-------+----------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
+----+----------------+------------+----------+---------+-------+----------------------------+
| 4 | nova-scheduler | controller | internal | enabled | up | 2020-07-18T18:08:30.000000 |
| 5 | nova-conductor | controller | internal | enabled | up | 2020-07-18T18:08:33.000000 |
| 6 | nova-compute | compute | nova | enabled | up | 2020-07-18T18:08:25.000000 |
+----+----------------+------------+----------+---------+-------+----------------------------+
List all API endpoints in the Identity service
+-----------+-----------+-----------------------------------------+
| Name | Type | Endpoints |
+-----------+-----------+-----------------------------------------+
| nova | compute | RegionOne |
| | | public: http://controller:8774/v2.1 |
| | | RegionOne |
| | | internal: http://controller:8774/v2.1 |
| | | RegionOne |
| | | admin: http://controller:8774/v2.1 |
| | | |
| keystone | identity | RegionOne |
| | | public: http://controller:5000/v3/ |
| | | RegionOne |
| | | internal: http://controller:5000/v3/ |
| | | RegionOne |
| | | admin: http://controller:5000/v3/ |
| | | |
| glance | image | RegionOne |
| | | admin: http://controller:9292 |
| | | RegionOne |
| | | internal: http://controller:9292 |
| | | RegionOne |
| | | public: http://controller:9292 |
| | | |
| placement | placement | RegionOne |
| | | admin: http://controller:8778 |
| | | RegionOne |
| | | internal: http://controller:8778 |
| | | RegionOne |
| | | public: http://controller:8778 |
| | | |
+-----------+-----------+-----------------------------------------+
Check that the cells and the Placement API are working properly
nova-status upgrade check
+-------------------------------+
| 升级检查结果 |
+-------------------------------+
| 检查: Cells v2 |
| 结果: 成功 |
| 详情: None |
+-------------------------------+
| 检查: Placement API |
| 结果: 成功 |
| 详情: None |
+-------------------------------+
| 检查: Resource Providers |
| 结果: 成功 |
| 详情: None |
+-------------------------------+
| 检查: Ironic Flavor Migration |
| 结果: 成功 |
| 详情: None |
+-------------------------------+
| 检查: API Service Version |
| 结果: 成功 |
| 详情: None |
+-------------------------------+